Thanks! Did Windows find and use that TPM? Did you have to configure
anything?
For the CPU problem: at the current state I do not rule out that this is
a Windows problem. We see the same excessive CPU usage on our Linux/KVM
hypervisors.
best regards,
Robert
On 28.11.25 11:15, Marco Orsatti wrote:
Many thanks!
It also works in an already installed Windows 11.
I made a small change to the script so that I can run it in a common
location for multiple VMs:
#!/bin/sh
# The VM name is passed as the first argument.
VMNAME="$1"
SOCKET="/tmp/.bhyve.tpm.$VMNAME.sock"
# Start swtpm only if its socket does not exist yet.
if [ ! -S "$SOCKET" ]; then
    nohup swtpm socket --tpmstate backend-uri="file:///vm/$VMNAME/tpm.state" \
        --server type=unixio,path="$SOCKET" --tpm2 --flags not-need-init &
fi
I think it works on Server 2022 and 2025 too; I'll do some testing.
There's another major problem with Windows 11 and Server 2022/25:
excessive host CPU usage. Has anyone found a solution?
Marco
On 27 Nov 2025, at 23:57, infoomatic <[email protected]> wrote:
Hi,
I could not get it to work on an already installed Windows VM - I am
not sure this is a FreeBSD/swtpm issue.
On a fresh install I have had no issue.
my config:
bhyve_options="-l tpm,swtpm,/tmp/.bhyve.tpm.win11.sock"
prestart="tpm.sh"
and with tpm.sh:
#!/bin/sh
SOCKET="/tmp/.bhyve.tpm.win11.sock"
# Start swtpm only if its socket does not exist yet.
if [ ! -S "$SOCKET" ]; then
    nohup swtpm socket --tpmstate backend-uri=file:///evo/vms/win11/tpm.state \
        --server type=unixio,path="$SOCKET" --tpm2 --flags not-need-init &
fi
hth,
Robert
On 27.11.25 15:30, Andrea Venturoli wrote:
Hello.
I'm hitting my head on this, but cannot make it work.
Is it expected to work or am I just wasting my time?
FreeBSD 14.3/amd64
edk2-bhyve-g202308_5
vm-bhyve-1.6.2_1
bye & Thanks
av.
P.S.
In case someone is interested in the details:
vmbhyve starts bhyve with:
bhyve options: -c 3,sockets=1,cores=3,threads=1 -m 4G -AHPw -l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd -l tpm,swtpm,/var/run/swtpm/tpm -k /zroot/vm/eserver/bhyve.conf -U f753439f-bffa-11e8-b279-a4bf0142162f]
bhyve devices: -s 0,hostbridge -s 31,lpc -s 4:0,virtio-blk,/dev/zvol/zroot/vm/eserver/disk0,sectorsize=512 -s 5:0,virtio-net,tap0,mac=58:9c:fc:00:11:65 -s 6:0,fbuf,tcp=192.168.XXX.1:25900 -s 7:0,xhci,tablet]
Windows sees the TPM device but says it cannot be started (code 10)
due to a protocol error.
In bhyve.log I see:
/tmp/bhyve.z4HOkg5 873: OperationRegion(TPP1, SystemMemory, Add(0xfed45000, Arg0), One)
Remark 2173 - ^ Creation of named objects within a method is highly inefficient, use globals or method local variables instead (\_SB.TPM.TPFN)
/tmp/bhyve.z4HOkg5 895: Method(_DSM, 4, Serialized)
Warning 3115 - ^ Not all control paths return a value (\_SB.TPM._DSM)
/tmp/bhyve.z4HOkg5 895: Method(_DSM, 4, Serialized)
Warning 3107 - ^ Reserved method must return a value (Integer/String/Buffer/Package/Reference required for _DSM)
/tmp/bhyve.z4HOkg5 985: If(LEqual(Arg0, ToUUID("376054ED-CC13-4675-901C-4756D7F2D45D"))) /* UUID */
Remark 2184 - Unknown UUID string ^
bhyve: tpm_swtpm_execute_cmd: rsp read failed (bytes read: 4 / 3968): No error: 0
bhyve: tpm_crb_mem_handler: cancelling a TPM command is not implemented yet
bhyve: tpm_swtpm_execute_cmd: rsp read failed (bytes read: 4 / 3968): No error: 0
bhyve: tpm_crb_mem_handler: cancelling a TPM command is not implemented yet
bhyve: tpm_swtpm_execute_cmd: rsp read failed (bytes read: 4 / 3968): No error: 0
In swtpm logs:
Ctrl Cmd: length 12
80 01 00 00 00 0C 00 00 01 44 00 00
Error: Unknown command: 0x80010000
Ctrl Rsp: length 4
00 00 00 0A
Ctrl Cmd: length 22
80 01 00 00 00 16 00 00 01 7A 00 00 00 06 00 00 01 00 00 00 00 2A
Error: Unknown command: 0x80010000
Ctrl Rsp: length 4
00 00 00 0A
Ctrl Cmd: length 22
80 01 00 00 00 16 00 00 01 7A 00 00 00 06 00 00 01 00 00 00 00 2A
Error: Unknown command: 0x80010000
Ctrl Rsp: length 4
00 00 00 0A
This looks possibly like:
https://github.com/stefanberger/swtpm/issues/1069
That's for a different platform, however, and I have no idea how to
"port" that info to bhyve.
I have no previous experience with swtpm (and I find it hard to get
a good howto/tutorial); TPM passthrough works for me (but obviously
not on machines without TPM).
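
Added example, not part of the thread and not code from bhyve or swtpm: a small decoder for the hex payloads that the swtpm log above prints under "Ctrl Cmd". It parses them as TPM 2.0 command headers (tag, size, command code, using constants from the TPM 2.0 specification) and shows that the value in "Unknown command: 0x80010000" is the first four bytes of each payload read as one big-endian word. The function name `decode_tpm2_command` is hypothetical, and the sample strings are copied from the log lines in this thread.

```python
import struct

# Sample input: the hex payloads from the "Ctrl Cmd" lines in the swtpm log above.
SAMPLES = [
    "80 01 00 00 00 0C 00 00 01 44 00 00",
    "80 01 00 00 00 16 00 00 01 7A 00 00 00 06 00 00 01 00 00 00 00 2A",
]

# Constants from the TPM 2.0 specification (Part 2, Structures); only those needed here.
TAGS = {0x8001: "TPM_ST_NO_SESSIONS", 0x8002: "TPM_ST_SESSIONS"}
COMMANDS = {0x00000144: "TPM2_Startup", 0x0000017A: "TPM2_GetCapability"}


def decode_tpm2_command(hex_bytes):
    """Parse a TPM 2.0 command header: tag (2 bytes), size (4), command code (4), big-endian."""
    raw = bytes.fromhex(hex_bytes)
    if len(raw) < 10:
        raise ValueError("shorter than the 10-byte TPM 2.0 command header")
    tag, size, code = struct.unpack(">HII", raw[:10])
    if tag not in TAGS:
        raise ValueError(f"0x{tag:04x} is not a TPM 2.0 command tag")
    return {
        "tag": TAGS[tag],
        "size": size,
        # A well-formed command declares exactly as many bytes as were sent.
        "size_matches": size == len(raw),
        "command": COMMANDS.get(code, f"0x{code:08x}"),
        "params": raw[10:].hex(),
        # First four bytes as one 32-bit word: the value the log reports as "Unknown command".
        "first_word": f"0x{struct.unpack('>I', raw[:4])[0]:08x}",
    }


if __name__ == "__main__":
    for sample in SAMPLES:
        print(decode_tpm2_command(sample))
```

Both payloads decode as well-formed TPM 2.0 commands (TPM2_Startup, then TPM2_GetCapability), so when a log shows this pattern it is worth comparing the socket path given to bhyve with the path swtpm opens via `--server`, as in the working configurations earlier in the thread.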